Fake Clubhouse Ads on Facebook Were Packed with Malware

Ad-Blocker, Antivirus, Facebook Clubhouse, Fake Ads, malware, Ophtek, , , , ,
27
Apr 2021

Clubhouse is a social media app which is currently only available on Apple devices. But this hasn’t stopped hackers using it to exploit PC users.

The success of Clubhouse since its launch in April 2020 has ensured that it has grabbed numerous headlines. And everyone is keen to have a taste of the Clubhouse experience where audio content is king. But this is not yet an option for PC users. Nonetheless, the interest generated by Clubhouse means that the app has brought it to the attention of the hacking community. Using all their cunning and guile, these hackers have decided to use Clubhouse as a front for infecting PCs with malware. And they have been meeting this objective by running fake ads on Facebook.

Facebook currently has around 2.8 billion regular users, so the potential for success with this attack is large. Therefore, you need to be aware of what to look out for.

Fake Ads on Facebook

The promise of these fake ads on Facebook were simple: a Clubhouse app is now available for PCs, so get it now. It was an announcement which caught the eye of many PC users. But, unfortunately, there was no Clubhouse app for the PC. Instead, clicking the ad would take the user to a malicious website pretending to be an official Clubhouse page. On this page there was a download link for an app, but it was not Clubhouse; there would be no opportunity for social media activities on the malicious app. Once it was opened it would connect the victim to a remote server which then proceeded to download malware (including ransomware) on to the PC.

Combatting Fake Ads

Malvertising has been a common hacking strategy for some time now, but it is not one that many people are familiar with. And, given the size and scale of Facebook, it is surprising that their platform is open to such abuse. However, it is this size which makes it such an attractive proposition to hackers. If just 0.5% of Facebook’s audience fall for a scam then it’s a significant hit. Thankfully, this Clubhouse scam appeared to deactivate as soon as it was discovered. The malicious app no longer connects to a remote server and now only returns an error message. But it’s important that you know what you’re clicking on when you’re online.

In an ideal world, Facebook would fully vet every single advert submitted to its system. But this is impossible due to the sheer numbers involved. And, besides, they can easily be adjusted after being accepted on the platform. Therefore, it pays to carry out these best practices:

  • Verify Ad Destinations: Depending on which browser you use, you should be able to view where an ad will send you before clicking on it. Often, hovering over it is enough to display the destination within your browser. Alternatively, you can right hand click an ad and select “Copy link address” before pasting it into a program such as Notepad. If there is something suspicious about this link – such as a name which doesn’t match the promised destination – then don’t click the advert.
  • Run Antivirus Software: It’s crucial that you install antivirus software on your PC, particularly one that runs in real-time. These apps may not stop you clicking on infected adverts, but they can identify infected software. Accordingly, the malicious Clubhouse app would be detected and immediately quarantined.
  • Use an Ad-Blocker: An ad-blocker will block all the ads on a webpage, so this completely eliminates the risk of clicking on a malicious ad. This may sound perfect, but bear in mind that some websites may not run properly when an ad-blocker is used. In fact, many websites may not allow you to gain access to their content as a result. Luckily, websites that you trust can be listed as exceptions within the software.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Five Internet of Things Security Tips You Need to Know

Internet of things, IOT, IoT Attacks, Ophtek, Security, , ,
20
Apr 2021

The Internet of Things (IoT) has redefined our concept of connectivity and what IT can achieve. But with these advances comes the need for unique security.

Thanks to the IoT it is now possible for organizations to simplify their connectivity solutions. Traditionally, multiple devices in a business meant one thing: cables, cables and more cables. But the beauty of the IoT is that it is completely cable free. As long as there is an internet connection, you can connect a multitude of devices that communicate in real-time.. However, we all know the potential dangers of transmitting data over the internet. So, what do you do?

Protecting Yourself and the IoT

As the IoT is a relatively new phenomenon, it is important that you know the best ways in which to protect your connections and data. And here are five of the best IoT security tips you need to know:

  • Know What’s Connected: It is crucial that you list everything that is authorized to connect to your IoT network. This allows you to monitor each device for any unauthorized activity and any potential maintenance issues. Once you have established your list of authorized devices, it is recommended that you detail the areas of your network they have access to. It may be that you need to restrict access to non-essential areas of your network to minimize the impact of any breaches.
  • Change Default Passwords: The IoT has received negative press thanks to the number of default passwords that come built into IoT devices. This scenario allows hackers quick and easy access into your devices and networks. Therefore, any new IoT device which is installed within your organization needs to have any default passwords changed immediately. With unique passwords protecting your IoT devices, you can rest assured your network is much safer.
  • Check Device Settings: It is important that you always check each IoT’s device settings before letting them go live on your network. In particular, you need to focus on the privacy settings. Many devices will be set up to automatically record data that you may not want logging e.g. voice recordings.  Accordingly, it pays to evaluate each device to establish what it can and can’t have access to.
  • Two-Factor Authentication: Where possible, always take advantage of two-factor authentication. Many IoT devices are adopting this security measure in order to make their hardware more attractive to consumers. And security sells in the 21st century. Two-factor authentication is, essentially, an extra line of defense. It is an additional login procedure which requires unique credentials sent to a secure device such as a cellphone.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Defense Companies Under Attack from ThreatNeedle

Hackers, macros, Ophtek, spear phishing, threatneedle, Updates, , , , ,
13
Apr 2021

Defense firms in over a dozen countries have found themselves targeted by a new backdoor threat named as ThreatNeedle. And it’s hitting firms hard.

The last thing that a defense firm wants is for their networks to be breached. Not only does it damage their reputation as a defense firm, but it puts significant data at risk. Hackers, of course, love to cause trouble, so a defense organization is the perfect target. But the hackers behind the ThreatNeedle malware are more than just a minor hacking group. The threat is believed to come from Lazarus, a secretive hacking group with ties to the North Korean government.

As this is a major threat we’re going to put ThreatNeedle under the microscope for a closer look.

What is ThreatNeedle?

ThreatNeedle takes a spear phishing approach to begin its campaign and does this by faking email addresses that look as though they belong to the target company. This move, which is relatively easy with an email server and the right software, allows the victims to be lulled into a false sense of security. This scenario is then exploited by embedding malicious links or attaching infected documents. Often, these emails have been laced with a COVID-19 theme in order to fully engage the user, but any subject may be used to rush the recipient into action.

The attackers, once the ThreatNeedle payload has been unleashed, are then able to take control of the victim’s PC. Naturally, this means that they will carry out typical hacking attacks such as:

  • Executing remote commands to run applications and download further malware
  • Send workstations into hibernation mode to disrupt IT activities
  • Log data and transmit to a remote PC where it can be archived and exploited

However, ThreatNeedle also has an innovative ace up its sleeve. Generally, if a network is segmented then malware will be limited to the segment it infects. This limits the amount of damage that can be caused to an entire network. So, for example, a set of PCs which are not connected to a network by the internet should be safe from all hacks. Unfortunately, ThreatNeedle is able to take advantage of IT department’s administrator privileges. This grants them the opportunity to access all segmented areas of a network. And it maximizes the damage they can cause.

How Do You Protect Against ThreatNeedle?

As with all malware, you don’t have to fall victim to ThreatNeedle. You just need to keep your wits about you and understand its threat. You can do this by carrying out the following:

  • Educate Staff on Phishing Emails: It’s important that your staff are fully trained on the dangers of phishing emails. Social engineering is a popular technique employed by hackers, but it can be thwarted if you know what to look for.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Protect Your IT Hardware from Damage

IT Best Practices, IT damage, laptop case, Ophtek, PC enclosure, screen protector, surge protector, ventilation, , , , , ,
06
Apr 2021

IT hardware is complex and, as a result, can be highly fragile. Even the slightest amount of damage can render it unusable, so you need to protect it.

The fragile nature of IT hardware isn’t your only concern. There is also the cost. While a mouse may not be a bank-breaking  piece of equipment, a PC terminal is. Therefore, it pays to err on the side of caution and ensure your IT equipment is protected. But where exactly should you start? After all, there are so many different types of IT hardware and you need to know which ones to protect and how to achieve this. Let’s take a quick look at what you should be concentrating on.

Protecting Your IT Hardware

There are a number of options when it comes to protecting your IT hardware from damage and the most useful solutions are:

  • Use Surge Protectors: Electrical surges can damage both motherboards and hard drives, so it’s important to use surge protectors. When a surge protector detects that an incoming voltage is too high, it will re-distribute any excess voltage. This protects any devices on that circuit and reduces the risk of them suffering electrical damage.
  • Laptop Cases: Advances in technology mean that laptops are getting lighter and slimmer than ever before. It certainly makes them more portable, but it also opens them up to a world of damage. Protecting your laptop, while it’s in transit, is crucial. The simplest way to achieve this is with a laptop case. Make sure you invest in one which has plenty of padding to minimize the inevitable knocks and bumps it will get as you travel around.
  • Laptop Screen Protectors: It’s more likely that a laptop is going to fall onto the floor than a desktop PC. This means that the risk of screen damage is much higher. And, unfortunately, swapping out a damaged screen is equivalent to the cost of a new laptop. But you can minimize scratches with screen protectors. It’s also possible to buy heavy duty screen guards made from tempered glass to maximize screen protection.
  • Provide Adequate Ventilation: All IT hardware has a tendency to heat up as its workload increases. This is why PCs are designed with internal cooling fans and vents. However, these vents need adequate ventilation to correctly disperse excess heat. If workstations are jammed up against a wall then it’s likely that these vents will be blocked. This can lead to soaring internal temperatures which will literally fry your hard drive. The ideal amount of airspace between a PC and anything else should always be 3 – 4 inches.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More